Debian has issued an advisory on June 29:
https://www.debian.org/security/2020/dsa-4711

The issue is fixed upstream in 4.5.1.3.

Mageia 7 is also affected.

Status comment: (none) => Fixed upstream in 4.5.1.3
Whiteboard: (none) => MGA7TOO
This SRPM has been maintained by various packagers, so assigning this globally. CC'ing the last registered maintainer mitya/Dimitri in case he wants to come back on board.
CC: (none) => mitya
Assignee: bugsquad => pkg-bugs

Suggested advisory:
========================

The updated package fixes a security vulnerability:

In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. (CVE-2020-4067)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4067
https://www.debian.org/security/2020/dsa-4711
========================

Updated package in core/updates_testing:
========================
coturn-4.5.0.7-2.4.mga7

from SRPM:
coturn-4.5.0.7-2.4.mga7.src.rpm

Status comment: Fixed upstream in 4.5.1.3 => (none)
CC: (none) => nicolas.salguero
CVE: (none) => CVE-2020-4067
Status: NEW => ASSIGNED
Assignee: pkg-bugs => qa-bugs
Whiteboard: MGA7TOO => (none)
Version: Cauldron => 7
Source RPM: coturn-4.5.1.2-1.mga8.src.rpm => coturn-4.5.0.7-2.3.mga7.src.rpm
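An added illustration, not part of this bug thread and not coturn's code, of the bug class the advisory names: an encoder that reuses a response buffer and never clears attribute padding, next to the corrected form and a check that counts non-zero padding bytes. The function names, the buffer contents and the sample SOFTWARE attribute are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STUN_HDR_LEN 20u
/* Append type, length, value and padding to a 4-byte boundary. zero_pad == 0
 * models the flawed encoder: padding keeps whatever the reused buffer held.
 * Returns the new message length, or 0 if the attribute does not fit. */
static size_t stun_add_attr(uint8_t *buf, size_t len, size_t cap, uint16_t type,
                            const uint8_t *val, uint16_t vlen, int zero_pad)
{
    size_t padded = ((size_t)vlen + 3u) & ~(size_t)3u;
    if (len > cap || cap - len < 4u + padded) return 0;
    buf[len] = (uint8_t)(type >> 8);     buf[len + 1] = (uint8_t)type;
    buf[len + 2] = (uint8_t)(vlen >> 8); buf[len + 3] = (uint8_t)vlen;
    memcpy(buf + len + 4, val, vlen);
    if (zero_pad) memset(buf + len + 4 + vlen, 0, padded - vlen);
    return len + 4u + padded;
}

/* Defender's check: count non-zero padding bytes; -1 if malformed. */
static int stun_nonzero_padding(const uint8_t *msg, size_t len)
{
    int count = 0;
    if (len < STUN_HDR_LEN) return -1;
    for (size_t off = STUN_HDR_LEN; off < len; ) {
        if (len - off < 4u) return -1;
        size_t vlen = ((size_t)msg[off + 2] << 8) | msg[off + 3];
        size_t padded = (vlen + 3u) & ~(size_t)3u;
        if (padded > len - off - 4u) return -1;
        for (size_t i = vlen; i < padded; i++) count += msg[off + 4 + i] != 0;
        off += 4u + padded;
    }
    return count;
}

/* Constructed scenario: a buffer that last held client A's data is reused
 * for client B's response (header fields left zero for brevity). */
static int leaked_padding_bytes(int zero_pad)
{
    uint8_t buf[64];
    memset(buf, 'A', sizeof buf);          /* stale bytes from client A */
    memset(buf, 0, STUN_HDR_LEN);
    size_t len = stun_add_attr(buf, STUN_HDR_LEN, sizeof buf, 0x8022, /* SOFTWARE */
                               (const uint8_t *)"relay", 5, zero_pad);
    return stun_nonzero_padding(buf, len);
}

int main(void) { printf("%d %d\n", leaked_padding_bytes(0), leaked_padding_bytes(1)); return 0; }
```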
MGA7-64 Plasma on Lenovo B50
No installation issues.
Ref bug 26413 for testing

# systemctl -l status turnserver
● turnserver.service - coturn
   Loaded: loaded (/usr/lib/systemd/system/turnserver.service; disabled; vendor preset: disabled)
   Active: inactive (dead)
     Docs: man:coturn(1)
           man:turnadmin(1)
           man:turnserver(1)

Jul 08 14:17:20 mach5.hviaene.thuis systemd[1]: /usr/lib/systemd/system/turnserver.service:10: PIDFile= references path below>

# systemctl start turnserver
# systemctl -l status turnserver
● turnserver.service - coturn
   Loaded: loaded (/usr/lib/systemd/system/turnserver.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2020-07-08 14:17:47 CEST; 3s ago
     Docs: man:coturn(1)
           man:turnadmin(1)
           man:turnserver(1)
  Process: 29861 ExecStart=/usr/bin/turnserver -o -c /etc/turnserver/turnserver.conf $EXTRA_OPTIONS (code=exited, status=0/SU>
 Main PID: 29862 (turnserver)
    Tasks: 9 (limit: 4915)
   Memory: 5.2M
   CGroup: /system.slice/turnserver.service
           └─29862 /usr/bin/turnserver -o -c /etc/turnserver/turnserver.conf

Jul 08 14:17:47 mach5.hviaene.thuis turnserver[29862]: 1: turn server id=1 created
Jul 08 14:17:47 mach5.hviaene.thuis turnserver[29862]: 1: IO method (general relay thread): epoll (with changelist)
Jul 08 14:17:47 mach5.hviaene.thuis turnserver[29862]: 1: turn server id=3 created
Jul 08 14:17:47 mach5.hviaene.thuis turnserver[29862]: 1: IO method (general relay thread): epoll (with changelist)
Jul 08 14:17:47 mach5.hviaene.thuis turnserver[29862]: 1: turn server id=2 created
Jul 08 14:17:47 mach5.hviaene.thuis turnserver[29862]: 1: Total General servers: 4
Jul 08 14:17:47 mach5.hviaene.thuis turnserver[29862]: 1: IO method (auth thread): epoll (with changelist)
Jul 08 14:17:47 mach5.hviaene.thuis turnserver[29862]: 1: IO method (auth thread): epoll (with changelist)
Jul 08 14:17:47 mach5.hviaene.thuis turnserver[29862]: 1: IO method (admin thread): epoll (with changelist)
Jul 08 14:17:47 mach5.hviaene.thuis turnserver[29862]: 1: SQLite DB connection success: /var/db/turndb
CC: (none) => herman.viaene
No other machine available so testing locally:

$ netstat -nl | grep 3478
tcp 0 0 192.168.2.5:3478 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN
tcp6 0 0 ::1:3478 :::* LISTEN
sctp ::1:3478 LISTEN
sctp ::1:3478 LISTEN
sctp ::1:3478 LISTEN
sctp ::1:3478 LISTEN
sctp 192.168.2.5:3478 LISTEN
sctp 192.168.2.5:3478 LISTEN
sctp 192.168.2.5:3478 LISTEN
sctp 192.168.2.5:3478 LISTEN
sctp 127.0.0.1:3478 LISTEN
sctp 127.0.0.1:3478 LISTEN
sctp 127.0.0.1:3478 LISTEN
sctp 127.0.0.1:3478 LISTEN
udp 0 0 192.168.2.5:3478 0.0.0.0:*
udp 0 0 192.168.2.5:3478 0.0.0.0:*
udp 0 0 192.168.2.5:3478 0.0.0.0:*
udp 0 0 192.168.2.5:3478 0.0.0.0:*
udp 0 0 127.0.0.1:3478 0.0.0.0:*
udp 0 0 127.0.0.1:3478 0.0.0.0:*
udp 0 0 127.0.0.1:3478 0.0.0.0:*
udp 0 0 127.0.0.1:3478 0.0.0.0:*
udp6 0 0 ::1:3478 :::*
udp6 0 0 ::1:3478 :::*
udp6 0 0 ::1:3478 :::*
udp6 0 0 ::1:3478 :::*

[tester7@mach5 ~]$ telnet 192.168.2.5 3478
Trying 192.168.2.5...
Connected to mach5.hviaene.thuis (192.168.2.5).
Escape character is '^]'.

Looks OK to me
Whiteboard: (none) => MGA7-64-OK
Validating. Advisory in Comment 2.
CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Keywords: (none) => advisory
CC: (none) => mageia
An update for this issue has been pushed to the Mageia Updates repository.
https://advisories.mageia.org/MGASA-2020-0287.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED